Installation

upgrading from earlier and/or unpatched versions

+
+

PGP and S/MIME support needs to store additional information for the mailing
+lists, thus new variables were introduced. Have a look at bin/update and search
+for "GPG" and "smime".

+
+

The automatic upgrade procedure occuring on a change of the version number
+is implemented yet untested. You can either modify the version number in
+Version.py to trigger the automatic patch, or run bin/update --force (worked
+for me, but I won't give any guarantees).

+
+

fresh installs

+
+

If you're installing on a Debian(-based) hosts, you can "apt-get install"
+the patched package from

+
+

+deb http://non-gnu.uvt.nl/debian sarge mailman
+

+
+

If you're on another platform, you can apply the patch to a pristine official
+mailman tarball, and install using the official installation instructions.

+
+

setting up lists

+
+

Create a list. Go to the admin menu. Open "Privacy options", select "GPG
+options" and "S/MIME options". Make the settings appropriate for your list
+(yes, there is some help text!). Create a keypair for your list. Make sure
+the list-posting-address is in one of the keys identities. Publish the public
+key for your list, e.g. on the list info page. Ask all subscribers to upload
+their public key. A good idea is to set up the web interface to only run over
+https.

Distribute the list public key to your subscribers, e.g. by posting it to
+the list after they've subscribed, or by pasting it in "[General Options],
+info" in the list admin webinterface.

+
+

l10n

+
+

I only updated the english html template for the user preferences;
+that means that users using a different language setting will be unable
+to upload their public key. Either allow English only, or make the
+patches to other language templates (and send the diff to me).

+
+

lost emails

+
+

Users won't get warnings when mails are not delivered to them due
+to the encryption send policy. Failures to send due to a missing public key
+will be treated like bounces.

+
+
+

Hacking

+
+

If you're interested in helping with the work, you might like to subscribe
+to the developer list for a GPG/SMIME-enhanced mailman ssls-dev /a/
+ulm.ccc.de. (Thanks a lot to Stefan
+Schlott for hosting this list.) If you'd like to contact the author
+directly, mail Joost van Baal on <joostvb-mailman-pgp-smime /a/ mdcc.cx>.

History, credits, copyright

+
+

This patch is based upon prior work
+by Stefan Schlott in mailman-2.1.5-gpg_2005-02-22.diff.gz. Copyright on
+the code is held by Stefan Schlott (stuff from
+mailman-2.1.5-gpg_2005-02-22.diff.gz) and Tilburg
+University (stuff written by Joost van Baal), see the individual files for
+details. Some contributions are from Michael
+Feiri.

+
+

Biggest lumps of changes by Joost van Baal are in Mailman/GPGUtils.py
+(function verifyMessage added) and in Mailman/Handlers/Moderate.py (code which
+deals with gpg_post_sign added). These are likely nontrivial so
+copyright-able. Check with a specialist if you'd like to know for sure.
+Likely, Mailman upstream wants a copyright assignment to FSF before patch gets
+included.

+
+

In 2005, this project was known as the SURFnet Secure List Server
+(mailman-ssls). SURFnet and Tilburg University made the project possible.
+Since 2008, the project is made possible by NLnet.

+
+

See also

+
+

There are some alternative approaches on building a general re-encrypting
+secure list server (e.g. by integrating PGP and/or S/MIME with Mailman):